BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) versions 23.2.1 and 23.2.2 contain a command injection vulnerability which can be exploited through a malicious HTTP request. Successful exploitation of this vulnerability can allow an unauthenticated remote attacker to execute underlying operating system commands within the context of the site user. This issue is fixed in version 23.2.3.
                
            Metrics
Affected Vendors & Products
References
        History
                    Tue, 01 Oct 2024 15:30:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | ssvc 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: cisa-cg
Published: 2023-09-05T20:15:57.824Z
Updated: 2024-10-01T14:58:14.818Z
Reserved: 2023-08-11T17:05:35.729Z
Link: CVE-2023-4310
 Vulnrichment
                        Vulnrichment
                    Updated: 2024-08-02T07:24:04.471Z
 NVD
                        NVD
                    Status : Modified
Published: 2023-09-05T21:15:47.537
Modified: 2024-11-21T08:34:49.993
Link: CVE-2023-4310
 Redhat
                        Redhat
                    No data.